CompTIA Security+ (SY0-601) — Question 187
An organization is moving away from the use of client-side and server-side certificates for EAP. The company would like for the new EAP solution to have the ability to detect rogue access points. Which of the following would accomplish these requirements?
Answer options
- A. PEAP
- B. EAP-FAST
- C. EAP-TLS
- D. EAP-TTLS
Correct answer: B
Explanation
EAP-FAST is designed to provide lightweight authentication while also having the capability to detect rogue access points, making it the correct choice. PEAP, EAP-TLS, and EAP-TTLS do not focus on rogue access point detection and rely on certificates, which the organization is moving away from.